Can I use third-party collaboration tools that collect personal information in Alabama? What are the requirements?

To use third-party collaboration tools that collect personal information in Alabama, you must comply with the Alabama Code Title 5, Chapter 26A, Section 482-1-122, which regulates the privacy of nonpublic personal financial information.

Requirements for using third-party collaboration tools that collect personal information in Alabama

To use third-party collaboration tools that collect personal information in Alabama, you must comply with the following requirements:

1. Provide initial, annual, and revised privacy notices that include the categories of nonpublic personal financial information that you collect, disclose, and the categories of affiliates and nonaffiliated third parties to whom you disclose nonpublic personal financial information, other than those parties to whom you disclose information under Sections 15 and 16 ^[1.6].
2. Obtain consent or direction from the consumer before disclosing nonpublic personal financial information ^[1.1].
3. Protect the confidentiality or security of your records pertaining to the consumer, service, product, or transaction ^[1.1].
4. Protect against or prevent actual or potential fraud or unauthorized transactions ^[1.1].
5. Disclose nonpublic personal financial information to persons holding a legal or beneficial interest relating to the consumer or to persons acting in a fiduciary or representative capacity on behalf of the consumer ^[1.1].
6. Disclose nonpublic personal financial information to provide information to insurance rate advisory organizations, guaranty funds or agencies, agencies that are rating a licensee, persons that are assessing the licensee’s compliance with industry standards, and the licensee’s attorneys, accountants, and auditors ^[1.1].
7. Disclose nonpublic personal financial information to comply with federal, state, or local laws, rules, and other applicable legal requirements, to comply with a properly authorized civil, criminal or regulatory investigation, or subpoena or summons by federal, state or local authorities, or to respond to judicial process or government regulatory authorities having jurisdiction over a licensee for examination, compliance, or other purposes as authorized by law ^[1.1].
8. Disclose nonpublic personal financial information for purposes related to the replacement of a group benefit plan, a group health plan, a group welfare plan, or a workers’ compensation plan ^[1.1].
9. Limit the disclosure and use of nonpublic personal financial information received from a nonaffiliated financial institution under an exception in Sections 15 or 16 of the regulation ^[1.5].
10. Disclose nonpublic personal financial information to a nonaffiliated third party only under an exception in Sections 15 or 16 of the regulation or if the disclosure would be lawful if made directly to that person by the financial institution from which the licensee received the information ^[1.5].
11. Disclose nonpublic personal financial information to the licensee’s affiliates or to its affiliates, but the licensee’s affiliates may, in turn, disclose and use the information only to the extent that the licensee may disclose and use the information ^[1.5].
12. Disclose nonpublic personal financial information pursuant to an exception in Sections 15 or 16 of the regulation, in the ordinary course of business to carry out the activity covered by the exception under which the licensee received the information ^[1.5].

Additionally, there are exceptions to the opt-out requirements for disclosure of nonpublic personal financial information for service providers and joint marketing ^[1.2], limits on disclosure of nonpublic personal financial information to nonaffiliated third parties ^[1.3], and exceptions to notice and opt-out requirements for disclosure of nonpublic personal financial information for processing and servicing transactions ^[1.4].

If you comply with these requirements and exceptions, you can use third-party collaboration tools that collect personal information in Alabama.

Source(s):

• [1.1] Other Exceptions To Notice And Opt Out Requirements For Disclosure Of Nonpublic Personal Financial Information
• [1.2] Exception To Opt Out Requirements For Disclosure Of Nonpublic Personal Financial Information For Service Providers And Joint Marketing
• [1.3] Limits On Disclosure Of Nonpublic Personal Financial Information To Nonaffiliated Third Parties
• [1.4] Exceptions To Notice And Opt Out Requirements For Disclosure Of Nonpublic Personal Financial Information For Processing And Servicing Transactions
• [1.5] Limits On Redisclosure And Reuse Of Nonpublic Personal Financial Information
• [1.6] Information To Be Included In Privacy Notices

Jurisdiction

Alabama

• Privacy